You can specify whether non-interactive connections require authentication from the
High Security Settings module.
A non-interactive connection bypasses the UI to connect to the instance at an API
level. Typically, non-interactive connections use set protocols such as JSON, SOAP,
XSD, or WSDL. By default, all non-interactive connections require
Login with an administrator user with the security_admin role.
Elevate your privileges to use security_admin.
Select the matching "Requires authorization" option for
the protocol you want to set. For example, Requires authorization for
incoming SOAP requests.
Select the checkbox to require authentication for the non-interactive
connection method. Clear the checkbox to allow the non-interactive connection
method to connect without providing any credentials.
Activating the Non-Interactive Sessions plugin on an existing
system may prevent any existing users that authorize SOAP and WSDL-based
integrations from logging in unless they already have the soap role. See
Updating Web Service User Accounts for Strict Security
manually update existing integration users.